package com.meet.filter;

import com.meet.dao.ServletVisitDao;
import com.meet.dao.ServletVisitDaoImpl;
import com.meet.dao.UserDao;
import com.meet.dao.UserDaoImpl;
import com.meet.entity.ServletVisitLog;
import com.meet.entity.Workers;
import com.meet.service.UserService;
import com.meet.service.UserServiceImpl;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.sql.SQLException;
import java.util.List;

@WebFilter("/servlet/*" )
public class GrantFilter implements Filter {
    private UserDao userDao=new UserDaoImpl();
    private UserService userService=new UserServiceImpl(userDao);
    public void destroy() {
    }

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
        HttpServletRequest req=(HttpServletRequest)request;
        HttpServletResponse resp=(HttpServletResponse)response;

        HttpSession session=req.getSession();
        System.out.println("***---");
        //不过滤处理jsp页面、JS和CSS文件
        Workers workers =(Workers) session.getAttribute("worker");



        try {                       //
            List<String> lists=userService.getUrl(workers.getId());
            System.out.println("------"+lists);
            //System.out.println(req.getRequestURI());
            //System.out.println(req.getContextPath());
            int pos=req.getRequestURI().indexOf(req.getContextPath()+"/")+req.getContextPath().length();
            String urlReal=req.getRequestURI().substring(pos+1)+"?"+req.getQueryString();
            System.out.println("r---:"+urlReal);
            String urlRealPage=urlReal.substring(0,urlReal.lastIndexOf("flag")+6);
            System.out.println("rp--:"+urlRealPage);

            String remoteHost= req.getRemoteHost();
            String servletName=req.getRequestURI().substring(pos+1);
            //日志写入
        //    System.out.println("username:"+workers.getUname());
            ServletVisitDao servletVisitDao=new ServletVisitDaoImpl();
              System.out.println("servletName:"+servletName);
            System.out.println("remoteHost:"+remoteHost);
            System.out.println("param:"+req.getQueryString());
          ServletVisitLog servletVisitLog=new ServletVisitLog(null,remoteHost,null,servletName,req.getQueryString(),workers.getUname());
            if(workers!=null) {
                System.out.println(servletVisitLog);
                int count = servletVisitDao.AddServletVisitLog(servletVisitLog);
                if (count > 0) {
                    System.out.println("插入一条用户访问日志");
                }
            }
            System.out.println("判断1："+lists.contains(urlReal));
            System.out.println("判断2："+lists.contains(urlRealPage));
            if (lists.contains(urlReal)||lists.contains(urlRealPage)){
                System.out.println("准许");
                chain.doFilter(req, resp);
            }else{
                System.out.println("禁止准许");
                //session.invalidate();
                resp.sendRedirect("../no_access.html");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }


        //省略校验代码...
        //  }




    }

    public void init(FilterConfig config) throws ServletException {

    }


}
